From 98ea8448317ce9edf4cc48fbc1e7bf54999ca8ae Mon Sep 17 00:00:00 2001 From: rusty-snake Date: Fri, 22 Mar 2019 14:27:15 +0000 Subject: Add kid3, kid3-cli, kid3-qt (#2614) --- etc/disable-programs.inc | 2 ++ etc/kid3-cli.profile | 6 ++++++ etc/kid3-qt.profile | 8 ++++++++ etc/kid3.profile | 45 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 61 insertions(+) create mode 100644 etc/kid3-cli.profile create mode 100644 etc/kid3-qt.profile create mode 100644 etc/kid3.profile (limited to 'etc') diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7ff0ea08a..35b294955 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -77,6 +77,7 @@ blacklist ${HOME}/.config/Google Play Music Desktop Player blacklist ${HOME}/.config/Gpredict blacklist ${HOME}/.config/INRIA blacklist ${HOME}/.config/InSilmaril +blacklist ${HOME}/.config/Kid3 blacklist ${HOME}/.config/Luminance blacklist ${HOME}/.config/Meltytech blacklist ${HOME}/.config/Mendeley Ltd. @@ -190,6 +191,7 @@ blacklist ${HOME}/.config/katesyntaxhighlightingrc blacklist ${HOME}/.config/katevirc blacklist ${HOME}/.config/kdenliverc blacklist ${HOME}/.config/kgetrc +blacklist ${HOME}/.config/kid3rc blacklist ${HOME}/.config/klavaro blacklist ${HOME}/.config/klipperrc blacklist ${HOME}/.config/kmail2rc diff --git a/etc/kid3-cli.profile b/etc/kid3-cli.profile new file mode 100644 index 000000000..bee62b5d9 --- /dev/null +++ b/etc/kid3-cli.profile @@ -0,0 +1,6 @@ +# Firejail profile for kid3-cli +# This file is overwritten after every install/update +include kid3-cli.local + +# Redirect +include kid3.profile diff --git a/etc/kid3-qt.profile b/etc/kid3-qt.profile new file mode 100644 index 000000000..9bcede077 --- /dev/null +++ b/etc/kid3-qt.profile @@ -0,0 +1,8 @@ +# Firejail profile for kid3-qt +# This file is overwritten after every install/update +include kid3-qt.local + +noblacklist ${HOME}/.config/Kid3 + +# Redirect +include kid3.profile diff --git a/etc/kid3.profile b/etc/kid3.profile new file mode 100644 index 000000000..3171e94fe --- /dev/null +++ b/etc/kid3.profile @@ -0,0 +1,45 @@ +# Firejail profile for kid3 +# Description: Audio Tag Editor +# This file is overwritten after every install/update +# Persistent local customizations +include kid3.local +# Persistent global definitions +include globals.local + +noblacklist ${MUSIC} +noblacklist ${HOME}/.config/kid3rc + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-xdg.inc + +include whitelist-var-common.inc + +apparmor +caps.drop all +netfilter +nodbus +nodvd +nogroups +nonewprivs +noroot +notv +nou2f +novideo +protocol unix,inet,inet6,netlink +seccomp +shell none +tracelog + +private-cache +private-dev +private-etc alternatives,drirc,fonts,kde5rc,gtk-3.0,dconf,machine-id,ca-certificates,ssl,pki,hostname,hosts,resolv.conf,pulse,,crypto-policies +private-tmp +private-opt none +private-srv none + +memory-deny-write-execute -- cgit v1.2.3-70-g09d2